Modern applications’ openness leaves vulnerabilities for attackers to infiltrate your infrastructure which could lead to server downtime, user data breach, and more. Baishan’s Cloud Shield security solution provides broad protection for websites and applications against all common types of sophisticated attacks, including DDoS, web application, and direct to origin attacks, leveraging its high-bandwidth, globally distributed network with multiple tiered architectures.
From Layer 3 to Layer 7, Baishan gets you covered. Each PoP in Baishan’s globally distributed network is built with proprietary DDoS mitigation technologies and AI-powered WAF engine to protect you from all common attacks including Ping floods, ICMP floods, OWASP Top 10 threats, malicious bots, and more. The rulesets are updated continuously by Baishan’s advanced threat intelligence to improve accuracy and to provide protection against zero-day vulnerabilities.
Cloud Shield security solution provides global protection without sacrificing the performance. It is fully integrated with Baishan’s global edge delivery platform. By bringing the security logics to the edge, Baishan can terminate malicious requests faster and serve the legitimate users directly from its edge cache.
Real-Time Control and Visibility
It is important to see what you are dealing with when it comes to cyber threats. Baishan provides real-time attacks and mitigation statistics on its Portal. The same set of data is also available to be ingested to your own security intelligence platform via API. Also, with self-provisioning portal, you can create your own specific rules based on your business needs.
Comprehensive WAF Rulesets
On top of the rulesets created and maintained by Baishan, its security product also incorporates rulesets from open source communities such as OWASP, Common Vulnerabilities and Exposures (CVE), and Chinese National Vulnerability Database (CNVD). The WAF protects against common attacks, including injection attacks, cross-site scripting, sensitive data exposure, website tempering, directory traversal attack, and more. WAF rules can be customized and managed in real-time via Portal or API based on customers’ each unique request scenarios. All traffic going through WAF is logged and analyzed so that the customers can have 100% visibility into their traffic.
Bot Behavioral Management
Security scanning and alerting
On top of security protection, Baishan developed a new generation intrusion detection system, Cloud Scan, using full traffic mirroring technology and big data analysis. Cloud Scan focuses on web-level intrusion detection to scan for potential threats, discover business risks, generate audit information, and provide alerting or notification to customers.
3-Level Anti DDoS Scrubbing Center
Baishan works closely with local Internet Service Providers to strategically deploy three-tiered scrubbing centers around the world for more substantial distributed attacks. Each location within the three-tiered scrubbing center can scrub up to 1 Tbps of DDoS traffic with a total of 30 Tbps (and growing) capacity.
Level 1 – ISP level backbone protection
Level 2 - Hardware firewall with proprietary IP reputation database
Level 3 – Application layer with in-depth packet inspection and device fingerprinting